Seccubus

Why Seccubus?

Anyone who has ever used a vulnerability scanner like Nessus or OpenVAS will be
familiar with one of their biggest drawbacks. They a very valuable tools, but
unfortunately they are also very noisy. The time needed to report on the findings of
a scan is often two or three times the time needed to do the actual scan. Seccubus was
created to more effectively analyze the results of regular vulnerability scans. It was
designed with defenders in mind who have to scan the same infrastructure regularly.

How does it work?

Seccubus runs vulnerability scans at regular intervals and compares the findings of
the last scan with the findings of the previous scan. The delta of this scan is
presented in a web GUI where findings can be easily marked as either real findings or
non-issues. Non issues get ignored until they change. This causes a dramatic
reduction in analysis time.
Before the results of a vulnerability scan are imported into Seccubus they are first
converted to the Intermediate Vulnerability Information Language (IVIL) format to make
sure Seccubus can work with many different scanners